Avast File Reputation Blocking Anniversary Update File

Status
Not open for further replies.
O

Omnipotent

Thread author
It looks like a legitimate process, but it won't let me not abort the connection. Any help? I may have disabled a vital windows process.

bzvfP3r.png
 
Last edited by a moderator:
  • Like
Reactions: XhenEd, frogboy, Logethica and 1 other person
DJ Panda

DJ Panda

Level 30
Verified
Top Poster
Well-known
Aug 30, 2015
1,928
The link is working. I have had this popup many times where it says "Abort Connection" click on the v arrow. Then it should give you the option to "Complete the Download". :)
 
  • Like
Reactions: Logethica and Andytay70
O

Omnipotent

Thread author
J Gamez065 said:
The link is working. I have had this popup many times where it says "Abort Connection" click on the v arrow. Then it should give you the option to "Complete the Download". :)
Click to expand...
Yeah, the problem is avast wont let me complete the download. :(
 
  • Like
Reactions: Logethica
W

Wave

Thread author
There is nothing wrong, it is nothing but an honest Windows Update! :)
I am not a user of avast! products but is there not an option to allow the connection (where the drop-down is to select the action to take)? You can try white-listing the svchost.exe process manually in the settings.

Avast did not detect the svchost.exe (it's a legitimate Windows process in this case..) as malicious but it alerted about the connection the process has because the downloads are not whitelisted by Avast yet... since it is a new Windows Update the file rep picks it up as suspicious :)

edit: sorry only just read the replies... just try to whitelist the svchost.exe process manually and see if that stops the alerts/block
 
  • Like
Reactions: Logethica and DJ Panda
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
  • Like
Reactions: Logethica, Wave and DJ Panda
Intel_iRIS81

Intel_iRIS81

Level 1
Verified
Jun 7, 2016
23
I'm more of a Windows/Android software guru than I am security. I advise you in that tiny span of downloading to disable your AV for that download. Its only gonna be for a minute or so. At least whitelist it. Turn off everything and use Defender during the download if you have too. I advise everyone going to this update to do a clean install. Backup everything and go about the install that way. This isn't a regular update. Its really a new OS upgrade and I've been on this newest final release about a week now from the windows insider program and loving it but they changed a lot internally. Not sure what route you went about downloading it but I would use a bootable usb and use either Rufus or Media creation tool.
 
  • Like
Reactions: DardiM and Logethica
DJ Panda

DJ Panda

Level 30
Verified
Top Poster
Well-known
Aug 30, 2015
1,928
Swaglife81 said:
I'm more of a Windows/Android software guru than I am security. I advise you in that tiny span of downloading to disable your AV for that download. Its only gonna be for a minute or so. At least whitelist it. Turn off everything and use Defender during the download if you have too. I advise everyone going to this update to do a clean install. Backup everything and go about the install that way. This isn't a regular update. Its really a new OS upgrade and I've been on this newest final release about a week now from the windows insider program and loving it but they changed a lot internally. Not sure what route you went about downloading it but I would use a bootable usb and use either Rufus or Media creation tool.
Click to expand...


Making a backup is always a good idea even when doing an upgrade. As for disabling an AV isn't really needed. If it is detected you can always exclude the update and move on. I am fairly sure that the user was only notified due to having Avasts swettings tweaked. :)
 
  • Like
Reactions: Logethica and Wave
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Avast File Rep flags Windows Defender definition updates, on Windows 10 AU. @xCharbz See below, it's related to Windows Defender - not the Anniversary Update.

upload_2016-8-26_9-13-28.png
 
  • Like
Reactions: King Alpha and Omnipotent
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
xCharbz said:
That seems sketchy.
Click to expand...
In what way?

Remember that not many users will be running Avast and Windows Defender on an OS prior to Windows 10 AU. Limited Periodic Scanning allows Windows Defender to update, whilst another AV is active.

I don't see anything sketchy about this. :)
 
  • Like
Reactions: Omnipotent
O

Omnipotent

Thread author
Huracan said:
In what way?

Remember that not many users will be running Avast and Windows Defender on an OS prior to Windows 10 AU. Limited Periodic Scanning allows Windows Defender to update, whilst another AV is active.

I don't see anything sketchy about this. :)
Click to expand...
It just seems unusual that Avast would flag something being downloaded from the system32 folder itself. Even though it is a very new file, it should know that it's safe.
 
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
xCharbz said:
Even though it is a very new file, it should know that it's safe.
Click to expand...
It's not signed and a new file.
File Reputation Warning - Windows Update in URL
Eddy said:
The filerep warning is a automated system.
I don't know the exact numbers, but lets say the first 100.000 avast users get to see the warning.
If you are avast user number 100.001 that downloads the update(s), you will not get the warning since the system now doesn't see it as a rare (and therefore potentially suspicious) file anymore.

In theory it can be that only the first user gets the warning, but avast has to add the file(s) to the whitelist so it will not trigger the warning anymore.

Note :
This is just a simple explanation on how the filerep warning works.
No use of making it difficult so only a few people understand what I say, right
Click to expand...
 
  • Like
Reactions: Omnipotent
A

Aura

Level 20
Verified
Jul 29, 2014
966
Not the first time I've seen avast! flagging Windows Update-related files.
 
Status
Not open for further replies.

Similar threads

Ink
    • Like
    • Thanks
New Update OpenMTP - An advanced Android File Transfer tool for macOS
Replies
0
Views
235
Cloud storage, file sharing and encryption
Ink
Ink
L
  • Locked
Waiting for reply I have my first virus
Replies
1
Views
158
Windows Malware Removal Help & Support
nasdaq
nasdaq
Xeno1234
    • Like
  • Locked
Solved Possible Network Intrusion.
Replies
66
Views
2,820
General Security Discussions
Xeno1234
Xeno1234

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top